CVE-2022-20092

Summary

In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061.

Affected Software

VendorProductVersion RangeStatus
MediaTek, Inc.MT6761, MT6768, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8173, MT8175, MT8183, MT8185, MT8385, MT8791, MT8797Android 11.0, 12.0affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References